EP3534588A1 - Verfahren und system zum austausch von netzwerkrichtlinien - Google Patents

Verfahren und system zum austausch von netzwerkrichtlinien Download PDF

Info

Publication number
EP3534588A1
EP3534588A1 EP18159503.4A EP18159503A EP3534588A1 EP 3534588 A1 EP3534588 A1 EP 3534588A1 EP 18159503 A EP18159503 A EP 18159503A EP 3534588 A1 EP3534588 A1 EP 3534588A1
Authority
EP
European Patent Office
Prior art keywords
network
policy
identifier
forwarding
controller
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP18159503.4A
Other languages
English (en)
French (fr)
Inventor
David Perez Caparros
Werner Liekens
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nokia Technologies Oy
Original Assignee
Nokia Technologies Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Technologies Oy filed Critical Nokia Technologies Oy
Priority to EP18159503.4A priority Critical patent/EP3534588A1/de
Publication of EP3534588A1 publication Critical patent/EP3534588A1/de
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/64Routing or path finding of packets in data switching networks using an overlay routing layer

Definitions

  • the field of the invention relates to a network policy exchanging method and a network policy exchanging system.
  • Particular embodiments relate to a system and a method for exchanging network policies between at least one network controller and at least one forwarding network element.
  • a logically centralized entity in the control plane layer such as a network controller, computes network policies to be enforced by forwarding network elements in the data plane layer.
  • network policies may include packet forwarding policies, e.g. "drop packet", "send packet to", etc. These network policies are then pushed to the forwarding network elements, either in a proactive or in a reactive manner, e.g. following a forwarding network element request for rules on how to handle a given data packet.
  • Network controllers can be mapped to network elements in a master-slave configuration, meaning that when the master controller fails, the slave controller can take over the control of the forwarding network elements which are associated with the failing controller.
  • a forwarding network element in the data plane may only get such forwarding network policies if the corresponding network controller is in an active state. If the network controller fails, the forwarding network element might request for instructions on how to handle a given data flow but will receive instruction, unless there is a preconfigured slave network controller instance. In that case, the address of the network slave controller must be known in advance by the forwarding network element. This makes that adding and/or removing one or more network controllers on-demand is a difficult task, since all forwarding network elements require changes in their configuration.
  • master and slave network controllers must be compatible with each other such that their databases can be synchronized, which may lead to a controller vendor lock-in, e.g. when an Open Network Operating System (ONOS) controller cluster is not compatible with OpenDaylight controller.
  • ONOS Open Network Operating System
  • the object of embodiments of the present invention is to provide an improved network policy exchanging method which is more reliable and/or more flexible as compared to state of the art methods. More in particular, the object of embodiments of the present invention is to provide a network policy exchanging method and system which have a reduced failure risk and/or which prevent vendor lock-in situations.
  • a network policy exchanging method for exchanging a network policy between at least one network controller and at least one forwarding network element which is associated with said at least one network controller, the exchanging method comprising the steps of:
  • Embodiments are based inter alia on the insight that by decoupling forwarding network elements from their associated network controller, a more resilient mechanism of network forwarding can be achieved. More in particular the forwarding network element is decoupled from its associated network controller by using a distributed database as an intermediate component between the network controller and the associated forwarding network element.
  • a network policy may originate comprising one or more forwarding rules which are intended for a forwarding network element which is associated with the respective network controller.
  • the network policy is then provided to and stored in a distributed database, to which distributed database both the respective network controller and the associated forwarding network element may have access.
  • a policy identifier representative for a storage location within the distributed database where the network policy is stored By associating with the stored network policy a policy identifier representative for a storage location within the distributed database where the network policy is stored, a particular network policy can be easily accessed and/or retrieved and/or updated if the policy identifier is known.
  • a controller identifier which identifies the network controller from which the network policy has originated By associating with the stored network policy a controller identifier which identifies the network controller from which the network policy has originated, a particular network policy can be easily accessed and/or updated by a network controller having an identifier matching with the controller identifier associated with the stored network policy.
  • any network controller may have one or multiple forwarding network elements associated therewith, and that any forwarding network element may have one or multiple network controllers associated therewith.
  • the described network policy exchanging method provides a common storage layer which can be used by heterogeneous network controllers, e.g. based on different frameworks such as ONOS, OpenDaylight, etc., to configure forwarding rules for a given forwarding network element.
  • Such forwarding network element can then consume network policies or forwarding rules from the decentralized, distributed database independently of a current status of the associated network controller(s).
  • the distributed database comprises a blockchain based policy repository.
  • the network policy exchanging method provides a secure distributed database with a high availability for both the network controller(s) and the forwarding network element(s).
  • the network policy exchanging method avoids the risk of encountering a single point of failure by employing a blockchain based policy repository.
  • storing the network policy in the distributed database comprises storing the network policy in a smart contract; and associating with the stored network policy a policy identifier comprises associating with the stored network policy a smart contract identifier identifying the smart contract wherein the network policy is stored.
  • the network policy exchanging method is able to increase safety and/or security of the stored network policies and/or associated identifiers in the distributed database or blockchain based policy repository.
  • a permissioned, smart contract based blockchain system such as Hyperledger Fabric, is used wherein network controllers and/or forwarding network elements should be registered and authenticated before being able to read and/or write data from and/or to the blockchain based policy repository.
  • providing the network policy to a distributed database comprises:
  • providing the stored network policy to the at least one forwarding network element comprises pushing the network policy to the at least one forwarding network element based on the element identifier.
  • providing the stored network policy to the at least one forwarding network element comprises:
  • the network policy exchanging method further comprises the steps of:
  • a network policy exchanging system for exchanging a network policy between at least one network controller and at least one forwarding network element which is associated with said at least one network controller, the exchanging system comprising:
  • the distributed database comprises a blockchain based policy repository.
  • the first policy providing unit is configured to store the network policy in a smart contract in the distributed database and to associate with the stored network policy a smart contract identifier identifying the smart contract wherein the network policy is stored.
  • the first policy providing unit is configured to:
  • the second policy providing unit is configured to push the network policy to the at least one forwarding network element based on the element identifier.
  • the second policy providing unit is configured to:
  • the first policy providing unit is configured to:
  • a computer program product comprising a computer-executable program of instructions for performing, when executed on a computer, the steps of the method of any one of the method embodiments described above.
  • a digital storage medium encoding a computer-executable program of instructions to perform, when executed on a computer, the steps of the method of any one of the method embodiments described above.
  • a device programmed to perform a method comprising the steps of any one of the methods of the method embodiments described above.
  • Figure 1 schematically illustrates an embodiment of a network policy exchanging method 100 for exchanging a network policy between at least one network controller and at least one forwarding network element which is associated with said at least one network controller.
  • the exchanging method 100 will be described as pertaining to exchanging one network policy, which might for example comprise one or more forwarding rules, between one network controller and one forwarding network element which is associated with said network controller.
  • the described method may pertain to exchanging any amount of network policies.
  • the described network policy exchanging method 100 can be implemented for any amount of network controllers in combination with any amount of forwarding network elements.
  • the network policy exchanging method 100 comprises step 110 of providing the network policy to a distributed database.
  • the network policy may be provided to the distributed database in different manners, for example via the network controller, via a network policy database, via a dedicated component, etc.
  • the distributed database may comprise a blockchain based policy repository.
  • the network policy exchanging method 100 further comprises step 120 of storing the network policy in the distributed database and associating with the stored network policy at least one identifier in the distributed database such that the stored network policy may be easily accessed, updated and/or retrieved.
  • stored network policies and/or associated identifiers thereof may be replicated and/or synchronized across peers which are part of the distributed database.
  • Identifiers which may be allocated to or associated with the stored network policy comprise at least one of a policy identifier, representative for a storage location within the distributed database where the network policy is stored, a controller identifier, which identifies the network controller from which the network policy has originated, and an element identifier, which identifies the network forwarding element to which the network policy applies.
  • the network policy is calculated and provided by the network controller.
  • the network controller knows for which forwarding network element the network policy is meant and can therefore provide the element identifier to the distributed database along with the network policy.
  • the controller identifier of the network controller can either be extracted therefrom or can be provided along with the network policy and/or element identifier.
  • the policy identifier is a unique identifier or pointer which can be allocated to the respective network policy or forwarding rule(s) thereof when the network policy is stored in the distributed database. Storing the network policy in the distributed database, for example a blockchain based policy repository, may comprise storing the network policy in a smart contract.
  • associating with the stored network policy a policy identifier comprises associating with the stored network policy a smart contract identifier identifying the smart contract wherein the network policy is stored.
  • the network policy can then be queried the network controller and/or the forwarding network element by looking up the associated a smart contract identifier.
  • the network policy exchanging method 100 further comprises step 130 of providing the stored network policy from the distributed database to the at least one forwarding network element which is associated with the network controller based on at least one of the policy identifier, controller identifier, and element identifier associated with the stored network policy.
  • Step 130 of providing the stored network policy to the at least one forwarding network element may comprise pushing the network policy to the at least one forwarding network element based on the element identifier. In other words, step 130 may be executed in a proactive manner.
  • the network policy may be pushed to the associated forwarding network element at any available or desirable moment in time and either be executed directly by the forwarding network element or be stored in a forwarding engine or controller agent of the forwarding network element for execution at a later moment in time.
  • step 130 may be executed in a reactive manner. This is illustrated in the embodiment of figure 3 and will be further elaborated below.
  • Figure 2 schematically illustrates another embodiment of a network policy exchanging method 100 wherein step 130 of providing the network policy to a distributed database comprises a step 111 of computing the network policy at the at least one network controller, and step 112 of sending the network policy and the element identifier of the at least one forwarding network element which is associated with the at least one network controller to the distributed database.
  • the network controller is aware for which forwarding network element the network policy is calculated and can therefore provide the element identifier to the distributed database along with the network policy.
  • Steps 120 and 130 in the embodiment of figure 2 correspond with the steps 120 and 130 in the embodiment of figure 1 and for the sake of brevity, reference is made to the description pertaining to these steps 120 and 130 as given in view of figure 1 .
  • FIG. 3 schematically illustrates a further embodiment of a network policy exchanging method 100 wherein step 130 of providing the stored network policy to the at least one forwarding network element is executed in a reactive manner. More in particular, it is illustrated that step 130 comprises querying the distributed database for a network policy based on at least one of policy identifier, controller identifier, and element identifier, and, in response to the querying, sending the queried network policy to the forwarding network element.
  • Steps 110 and 120 in the embodiment of figure 3 correspond with the steps 110 and 120 in the embodiments of figures 1 and 2 .
  • steps 110 and 120 in the embodiments of figures 1 and 2 correspond with the steps 110 and 120 in the embodiments of figures 1 and 2 .
  • FIG. 4 schematically illustrates a further embodiment of a network policy exchanging method 400.
  • the exchanging method 400 corresponds with any one of the embodiment as illustrated in figures 1, 2 or 3 , with the difference that the embodiment of figure 4 comprises addition steps.
  • the network policy exchanging method comprises a step 440 of querying the distributed database for a policy identifier based on at least one of the controller identifier of the at least one network controller and the element identifier of the at least one forwarding network element which is associated with the at least one network controller.
  • a policy identifier e.g. smart contract identifier
  • Such a stored network policy can however still be updated, and remain at the same location in the distributed database.
  • a network controller may query the distributed database for the policy identifier of said stored network policy to gain access to the stored network policy. Based on the controller identifier of the network controller it may be verified that the network controller may actually gain access to the stored network policy and access may be granted to the network controller.
  • the network policy can then be updated.
  • a further step 430 of providing the stored network policy to the at least one forwarding network element may comprise providing the updated network policy to the at least one forwarding network element. This can be done in a proactive or a reactive manner in a similar way as described in for step 130 in the embodiments of figure 1 and 3 .
  • Figure 5 schematically illustrates an embodiment of a network policy exchanging system 500 for exchanging a network policy between at least one network controller 501 and at least one forwarding network element 502 which is associated with said at least one network controller.
  • the exchanging system 500 will be described as pertaining to a system for exchanging one network policy, which might for example comprise one or more forwarding rules, between one network controller 501 and one forwarding network element 502 which is associated with said network controller 501.
  • the described system may be implemented for exchanging any amount of network policies.
  • the described network policy exchanging system 500 can be implemented for any amount of network controllers 501 in combination with any amount of forwarding network elements 502.
  • any network controller 501 may have one or multiple forwarding network elements 502 associated therewith, and that any forwarding network element 502 may have one or multiple network controllers 501 associated therewith.
  • the exchanging system 500 comprises a first policy providing unit 510 and a distributed database 520, wherein the first policy providing unit 510 is configured to provide the network policy to the distributed database 520.
  • the first policy providing unit 510 forms an interface which allows communication between the network controller 501 and the distributed database 520.
  • This first policy providing unit 510 is illustrated as being a unit which is separate from both the network controller 501 and the distributed database 520, however, in embodiments the first policy providing unit 510 may be incorporated into the network controller 501 and/or the distributed database 520.
  • the first policy providing unit 520 is configured to store the network policy in the distributed database and to associate with the stored network policy at least one identifier in the distributed database such that the stored network policy may be easily accessed, updated and/or retrieved.
  • stored network policies and/or associated identifiers thereof may be replicated and/or synchronized across peers which are part of the distributed database.
  • Identifiers which may be allocated to or associated with the stored network policy comprise at least one of a policy identifier, representative for a storage location within the distributed database where the network policy is stored, a controller identifier, which identifies the network controller from which the network policy has originated, and an element identifier, which identifies the network forwarding element to which the network policy applies.
  • the exchanging system 500 further comprises a second policy providing unit 530 which is configured to provide the stored network policy to the at least one forwarding network element 502 based on at least one of the policy identifier, controller identifier, and element identifier associated with the stored network policy.
  • the second policy providing unit 530 forms an interface which allows communication between the forwarding network element 502 and the distributed database 520.
  • This second policy providing unit 530 is illustrated as being a unit which is separate from both the forwarding network element 502 and the distributed database 520, however, in embodiments the second policy providing unit 530 may be incorporated into the forwarding network element 502 and/or the distributed database 520.
  • the distributed database 520 may for example be a blockchain based policy repository and the first policy providing unit 510 may be configured to store the network policy in a smart contract.
  • the first policy providing unit 510 may be configured to associate with the stored network policy a smart contract identifier identifying the smart contract wherein the network policy is stored.
  • the network policy can then be queried by the network controller via the first policy providing unit 510 and/or by the forwarding network element 502 via the second policy providing unit 530 which may comprises looking up the associated smart contract identifier in the distributed database 520.
  • the first policy providing unit 510 is configured to receive from the at least one network controller 501 the network policy and the element identifier of the at least one forwarding network element 502 which is associated with the at least one network controller 501 and to provide the received network policy and element identifier to the distributed database 520.
  • the second policy providing unit 530 is configured to push the network policy to the at least one forwarding network element 502 based on the element identifier.
  • the second policy providing unit 530 may be configured to pro-actively provide the network policy to the forwarding element 502 when the policy providing unit 530 is aware of the according element identifier.
  • the second policy providing unit 530 is configured to reactively provide the network policy to the forwarding element 502. More in particular the second policy providing unit 530 may be configured to query the distributed database 520 for a network policy based on at least one of policy identifier, controller identifier, and element identifier; and in response, send the queried network policy to the forwarding network element 502.
  • the first policy providing unit 510 is configured to: query the distributed database 520 for a policy identifier based on at least one of the controller identifier of the at least one network controller and the element identifier of the at least one forwarding network element 502 which is associated with the at least one network controller 501.
  • the first policy providing unit 510 is further configured to update the network policy based on the requested policy identifier.
  • the second policy providing unit 530 may then be configured to provide the updated network policy to the at least one forwarding network element 502, either in a reactive manner or in a pro-active manner.
  • Figures 6A and 6B schematically illustrate embodiments of a network policy exchanging system 600 wherein the distributed database 620 comprises a blockchain based network policy repository.
  • the general aspect which is illustrated is to enable forwarding network elements 630, such as an IoT gateway, to fetch network policies from a common, decentralized and secure repository 620 based on blockchain technology, instead of directly fetching them from a centralized network controller 610.
  • This general aspect is illustrated in figure 6A .
  • the network controller 610 comprises a first policy providing unit 510 which functions as an interface between the network controller 610 and the blockchan network policy (BNP) repository 620.
  • BNP blockchan network policy
  • each forwarding network element 630 comprises a second policy providing unit 530, which functions as an interface between the forwarding network element 630 and the BNP repository 620.
  • BNP blockchan network policy
  • FIG. 6B A further elaborated aspect is illustrated in figure 6B in which a new method and system is schematically shown which allow forwarding network elements 602 to interface with a trusted blockchain based policy repository 620 and to retrieve network policies from it. Further a new interface 510 (not shown) is assumed between a network controller 610 and a blockchain based policy repository 620 to push policies to the repository which policies will later be pulled by forwarding network elements 602.
  • the forwarding network element 602 is illustrated as hosting a component 630 for interfacing with the blockchain network policy (BNP) repository 620.
  • This interfacing component 630 is referenced as BNP agent and may correspond with the second policy providing unit 530 as described in view of figure 5 .
  • This interfacing component 630 is provided in the forwarding network element 602 in addition to the controller agent component 602a and forwarding engine component 602b which are typically comprised within a forwarding network element.
  • FIG. 7A and 7B schematically illustrate further embodiments of a network policy exchanging system and method wherein the distributed database 720 comprises a blockchain based network policy repository 720.
  • the distributed database 720 comprises a blockchain based network policy repository 720.
  • such repository is implemented using a permissioned, smart contract enabled blockchain system (e.g. Hyperledger Fabric).
  • participants must be registered and authenticated before being able to write/read into/from the blockchain 720.
  • a forwarding network element registry with identifier #001 is implemented.
  • the registry associates SDN network controllers 701 with forwarding network elements 702 and their respective smart contracts, with accompanying policy identifier, e.g. #002 for the smart contract related to forwarding network element SW1, that store forwarding rules.
  • SDN controllers 701 can store in the blockchain layer, by using one or more smart contracts, forwarding rules that are addressed to forwarding network elements 702 associated to them or under their control.
  • the forwarding network element registry with identifier #001, and forwarding rule smart contracts, e.g. with policy identifier #002, are replicated and synchronized by means of a consensus algorithm across peers in the blockchain P2P network.
  • Example embodiments of smart contracts are illustrated in figure 7B .
  • smart contracts are stored which comprise one or more forwarding rules pertaining to multiple forwarding network elements 702.
  • a corresponding controller identifier indicates which network controller(s) is/are related to the respective forwarding network element and which policy/policies apply to said respective forwarding network element via a corresponding policy identifier (Switch Contract ID) which identifies the location, e.g. smart contract, where the according policy is stored in the distributed database 720.
  • Switch Contract ID a corresponding policy identifier which identifies the location, e.g. smart contract, where the according policy is stored in the distributed database 720.
  • SW1 Forwarding Rules smart contract
  • multiple forwarding rules pertaining to the forwarding network element SW1 702 are stored, in this embodiment along with security policies regarding read/write/delete authorizations.
  • further API functions are comprised within the smart contact.
  • the forwarding network element registry defines which SDN controller(s) can access/write the forwarding rules smart contract of a given set of forwarding network element(s), by means of corresponding the appropriate controller identifier(s) and/or element identifier(s) with the respective forwarding rule(s) or smart contract(s).
  • smart contracts get a unique ID, e.g. policy/contract identifier, which is used by the BNP participants to access them.
  • the BNP agent uses the ID or policy identifier of the smart contract associated with the SDN switch, i.e. forwarding network element 702, to pull forwarding rules from it.
  • the smart contracts are replicated across the blockchain P2P network, so the BNP agent, i.e.
  • second policy provider 730 does not need to address a specific peer node, it can select a given node based on network latency, for instance. This feature enables network forwarding elements 702 to be mobile and choose the closest peer node at any time to fetch network policies from.
  • the SDN controller i.e. network controller 701
  • the SDN controller can fail without affecting the current state of the network.
  • the proposed approach provides a much higher level of reliability than existing solutions in the state of the art where multiple network controllers need to be connected to a forwarding network element and implement a take-over procedure when the master network controller fails, which puts the forwarding element in a temporary "orphan" state.
  • current SDN controller applications are replaced by a set of smart contracts in the blockchain 720 which implement the required functionality.
  • one of such smart contracts may implement the logic to compute the shortest path in the network (Path Computation Engine) and derive the required forwarding rules for each individual network element in such path.
  • the PCE smart contract pushes the calculated rules to the respective network element smart contracts.
  • Figure 8 schematically illustrates a flowchart of a further embodiment of a network policy exchanging method which for example can be executed by the exchanging system of figures 7A and 7B .
  • the illustrated method includes the steps of:
  • program storage devices e.g., digital data storage media, which are machine or computer readable and encode machine-executable or computer-executable programs of instructions, wherein said instructions perform some or all of the steps of said above-described methods.
  • the program storage devices may be, e.g., digital memories, magnetic storage media such as a magnetic disks and magnetic tapes, hard drives, or optically readable digital data storage media.
  • the program storage devices may be resident program storage devices or may be removable program storage devices, such as smart cards.
  • the embodiments are also intended to cover computers programmed to perform said steps of the above-described methods.
  • processors may be provided through the use of dedicated hardware as well as hardware capable of executing software in association with appropriate software.
  • the functions may be provided by a single dedicated processor, by a single shared processor, or by a plurality of individual processors, some of which may be shared.
  • explicit use of the term "processor” or “controller” should not be construed to refer exclusively to hardware capable of executing software, and may implicitly include, without limitation, digital signal processor (DSP) hardware, network processor, application specific integrated circuit (ASIC), field programmable gate array (FPGA), read only memory (ROM) for storing software, random access memory (RAM), and non volatile storage.
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • ROM read only memory
  • RAM random access memory
  • any switches shown in the figures are conceptual only. Their function may be carried out through the operation of program logic, through dedicated logic, through the interaction of program control and dedicated logic, or even manually, the particular technique being selectable by the implementer as more specifically understood from the context.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
EP18159503.4A 2018-03-01 2018-03-01 Verfahren und system zum austausch von netzwerkrichtlinien Withdrawn EP3534588A1 (de)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP18159503.4A EP3534588A1 (de) 2018-03-01 2018-03-01 Verfahren und system zum austausch von netzwerkrichtlinien

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP18159503.4A EP3534588A1 (de) 2018-03-01 2018-03-01 Verfahren und system zum austausch von netzwerkrichtlinien

Publications (1)

Publication Number Publication Date
EP3534588A1 true EP3534588A1 (de) 2019-09-04

Family

ID=61580927

Family Applications (1)

Application Number Title Priority Date Filing Date
EP18159503.4A Withdrawn EP3534588A1 (de) 2018-03-01 2018-03-01 Verfahren und system zum austausch von netzwerkrichtlinien

Country Status (1)

Country Link
EP (1) EP3534588A1 (de)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021185520A1 (de) * 2020-03-17 2021-09-23 Siemens Schweiz Ag Verfahren und anordnung zum austauschen eines domain-registrars für das authentifizieren und konfigurieren von digitalen zertifikaten

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
KATAOKA KOTARO ET AL: "Trust list: Internet-wide and distributed IoT traffic management using blockchain and SDN", 2018 IEEE 4TH WORLD FORUM ON INTERNET OF THINGS (WF-IOT), IEEE, 5 February 2018 (2018-02-05), pages 296 - 301, XP033338377, DOI: 10.1109/WF-IOT.2018.8355139 *
RODRIGUES BRUNO ET AL: "A Blockchain-Based Architecture for Collaborative DDoS Mitigation with Smart Contracts", 17 June 2017, MEDICAL IMAGE COMPUTING AND COMPUTER-ASSISTED INTERVENTION - MICCAI 2015 : 18TH INTERNATIONAL CONFERENCE, MUNICH, GERMANY, OCTOBER 5-9, 2015; PROCEEDINGS; [LECTURE NOTES IN COMPUTER SCIENCE; LECT.NOTES COMPUTER], SPRINGER INTERNATIONAL PUBLISHING, CH, ISBN: 978-3-540-70543-7, ISSN: 0302-9743, XP047419332 *
SHARMA PRADIP KUMAR ET AL: "DistBlockNet: A Distributed Blockchains-Based Secure SDN Architecture for IoT Networks", IEEE COMMUNICATIONS MAGAZINE, vol. 55, no. 9, 8 September 2017 (2017-09-08), pages 78 - 85, XP011660097, ISSN: 0163-6804, [retrieved on 20170908], DOI: 10.1109/MCOM.2017.1700041 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021185520A1 (de) * 2020-03-17 2021-09-23 Siemens Schweiz Ag Verfahren und anordnung zum austauschen eines domain-registrars für das authentifizieren und konfigurieren von digitalen zertifikaten

Similar Documents

Publication Publication Date Title
US8954391B2 (en) System and method for supporting transient partition consistency in a distributed data grid
JP5695324B2 (ja) スプリットブレイン状況におけるメジャーグループを決定するための方法、システム、及びコンピュータ読み取り可能な記録媒体
JP5841177B2 (ja) マルチサーバ予約システムにおける同期化メカニズムのための方法及びシステム
ES2707332T3 (es) Sistema informático de soporte de basculamiento en un sistema de procesamiento de flujo de eventos
US20130268740A1 (en) Self-Destructing Files in an Object Storage System
US9367261B2 (en) Computer system, data management method and data management program
CN104011701A (zh) 内容传送网络
US8943082B2 (en) Self-assignment of node identifier in a cluster system
US9069571B2 (en) Propagation of unique device names in a cluster system
CA2847597A1 (en) Clustered client failover
US8788465B2 (en) Notification of configuration updates in a cluster system
EP3185474B1 (de) Verteilte datenbank für netzwerkfunktionen
US11341009B1 (en) Directing placement of data in cloud storage nodes
US9716768B2 (en) Cache system and method for providing caching service
US9921878B1 (en) Singleton coordination in an actor-based system
CN111104250B (zh) 用于数据处理的方法、设备和计算机可读介质
US10924452B1 (en) Auditing IP address assignments
EP3534588A1 (de) Verfahren und system zum austausch von netzwerkrichtlinien
GB2500348B (en) Validation of access to a shared data record subject to read and write access by multiple requesters
EP3864799A1 (de) Verfahren und vorrichtung zur gewährleistung einer fortgesetzten betriebszuverlässigkeit einer vorrichtung im cloud-abbaumodus
US9348672B1 (en) Singleton coordination in an actor-based system
EP3884648B1 (de) Georeplizierter iot-hub
JP2017146873A (ja) データ提供システム、データ提供方法、データ提供装置、更新対象装置及びコンピュータ・プログラム
CN113204437B (zh) 应用程序实例与客户端设备的连接
US9548940B2 (en) Master election among resource managers

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20200305